Shiro是一个框架(这里我们使用自定义realm)
有四大基石,身份验证,授权,密码学,会话管理(这里的session可以放在任何B/S或者C/S中)
使用时需要先导入依赖,然后再调用
在pom中导入
<dependencies>
    <!-- Apache Shiro core: provides the realm, SecurityManager and credential-matching classes used below.
         NOTE(review): 1.4.0 is an old 1.x release; check the Apache Shiro security advisories and
         use a currently supported release before reusing this outside a demo. -->
    <dependency>
        <groupId>org.apache.shiro</groupId>
        <artifactId>shiro-core</artifactId>
        <version>1.4.0</version>
    </dependency>
    <!-- Logging facade; presumably required by shiro-core at runtime (verify against its dependency tree). -->
    <dependency>
        <groupId>commons-logging</groupId>
        <artifactId>commons-logging</artifactId>
        <version>1.2</version>
    </dependency>
    <!-- JUnit 4, used by MyShiroTest.
         NOTE(review): no <scope> is declared, so Maven applies its default (compile) scope and the
         test library lands on the main classpath; a test scope is the usual choice if the test
         class lives under src/test. -->
    <dependency>
        <groupId>junit</groupId>
        <artifactId>junit</artifactId>
        <version>4.12</version>
    </dependency>
</dependencies>
自定义realm
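package cn.jiedada.shiro;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;

import java.util.HashSet;
import java.util.Set;

/**
 * Demo realm that serves hard-coded accounts, roles and permissions in place of a database.
 *
 * <p>The stored credential is a pre-computed hash, so the realm only authenticates correctly when
 * the caller installs a credentials matcher whose algorithm and iteration count match the way
 * that hash was produced (the accompanying test configures one).
 *
 * <p>NOTE(review): the stubs below are sample data. Every subject receives the {@code admin} role
 * and the {@code *} wildcard permission, and a single fixed salt is shared by all accounts; a real
 * realm should load per-user roles, permissions and a random per-user salt from its data store.
 */
public class MyRealm extends AuthorizingRealm {

    /**
     * Builds the authorization data for a subject.
     *
     * <p>The principals argument is not consulted: the same stubbed roles and permissions are
     * returned for whoever is asking.
     *
     * @param principalCollection principals of the subject being authorized (unused here)
     * @return roles and string permissions taken from the stub lookups
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        // Roles that would come from the database.
        info.setRoles(getRoles());
        // Permissions that would come from the database.
        info.setStringPermissions(getPerms());
        return info;
    }

    /** Stub for the role lookup; always returns the single role {@code admin}. */
    private Set<String> getRoles() {
        Set<String> roles = new HashSet<>();
        roles.add("admin");
        return roles;
    }

    /**
     * Stub for the permission lookup; always returns the wildcard {@code *}.
     *
     * <p>NOTE(review): the wildcard makes every permission check succeed, so this stub cannot be
     * used to exercise a denial path.
     */
    private Set<String> getPerms() {
        Set<String> perms = new HashSet<>();
        perms.add("*");
        return perms;
    }

    /**
     * Looks up the stored credential for the submitted username.
     *
     * <p>Returning {@code null} signals that no account matches the username; the comparison of
     * the submitted password with the stored hash is left to the configured credentials matcher.
     *
     * @param authenticationToken the submitted token; cast to {@link UsernamePasswordToken}
     *     (presumably safe because the realm's default token support is limited to that type)
     * @return account data (username, stored hash, salt, realm name), or {@code null} if unknown
     * @throws AuthenticationException declared by the overridden method; not thrown directly here
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken)
            throws AuthenticationException {
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        String username = token.getUsername();
        // Fetch the stored password hash (a database query in a real realm).
        String pwd = getUsers(username);
        if (pwd == null) {
            return null;
        }
        // Salt handed to the credentials matcher. It is one constant for all accounts in this demo;
        // use a random per-user salt stored next to the hash in real code.
        ByteSource salt = ByteSource.Util.bytes("jiedada");
        return new SimpleAuthenticationInfo(username, pwd, salt, "myshiro");
    }

    /**
     * Stub for the account lookup.
     *
     * <p>The only known username is spelled {@code adimn}; the accompanying test logs in with the
     * same spelling, so the two must be changed together.
     *
     * @param username submitted username
     * @return the stored hex hash for the known account, or {@code null} for any other name
     */
    private String getUsers(String username) {
        if ("adimn".equals(username)) {
            return "2a7e4163f7f9f316d03c3f384eeb301b";
        }
        return null;
    }
}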
测试(这里有自动生成的密码加密)
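package cn.jiedada.shiro;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.subject.Subject;
import org.junit.Test;

/**
 * Walk-through of a login against {@link MyRealm} plus a helper that prints a password hash.
 *
 * <p>The tests print their results instead of asserting them, so they pass regardless of the
 * outcome; read the console output to see what happened.
 */
public class MyShiroTest {

    /**
     * Logs in with the sample account and prints the authentication, role and permission results.
     *
     * <p>NOTE(review): MD5 with 10 iterations is only suitable for this demo. It is a fast hash,
     * so stored values are cheap to brute-force; real password storage should use a dedicated
     * password-hashing scheme (bcrypt, scrypt or Argon2).
     */
    @Test
    public void test01() throws Exception {
        MyRealm myRealm = new MyRealm();

        // The matcher must use the same algorithm and iteration count that produced the hash
        // stored in MyRealm, otherwise every login fails with IncorrectCredentialsException.
        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
        hashedCredentialsMatcher.setHashAlgorithmName("MD5");
        hashedCredentialsMatcher.setHashIterations(10);
        myRealm.setCredentialsMatcher(hashedCredentialsMatcher);

        // Build a SecurityManager around the custom realm and register it with SecurityUtils so
        // that getSubject() can find it.
        DefaultSecurityManager securityManager = new DefaultSecurityManager();
        securityManager.setRealm(myRealm);
        SecurityUtils.setSecurityManager(securityManager);

        // The current subject (a guest until login succeeds).
        Subject currentUser = SecurityUtils.getSubject();

        System.out.println("是否已认证:" + currentUser.isAuthenticated());
        if (!currentUser.isAuthenticated()) {
            try {
                // Sample credentials; the username spelling matches the stub in MyRealm.
                UsernamePasswordToken token = new UsernamePasswordToken("adimn", "123456");
                currentUser.login(token);
            } catch (UnknownAccountException e) {
                // No account for the username.
                e.printStackTrace();
                System.out.println("是请输入正确的用户名");
            } catch (IncorrectCredentialsException e) {
                // The password hash did not match.
                e.printStackTrace();
                System.out.println("是请输入正确的密码");
            } catch (AuthenticationException e) {
                // Any other authentication failure.
                e.printStackTrace();
                System.out.println("未知错误");
            }
        }

        // Each line is labelled with the check it reports; the original printed the same
        // "context object" label for all three results.
        System.out.println("是否已认证:" + currentUser.isAuthenticated());
        System.out.println("是否拥有角色sad:" + currentUser.hasRole("sad"));
        System.out.println("是否拥有权限employee:save:" + currentUser.isPermitted("employee:save"));
    }

    /**
     * Prints the hash of the sample password so it can be pasted into the realm stub.
     *
     * <p>SimpleHash arguments: algorithmName is the hash algorithm, source is the password, salt
     * is the salt value, hashIterations is the number of iterations.
     *
     * <p>Values recorded by the author for the password 123456 with MD5:
     * e10adc3949ba59abbe56e057f20f883e, then 4a95737b032e98a50c056c41f2fa9ec6 for 10 iterations,
     * then 2a7e4163f7f9f316d03c3f384eeb301b, which is the value stored in MyRealm (presumably the
     * salted, 10-iteration result printed by this method; confirm by running it).
     */
    @Test
    public void test0pwd() throws Exception {
        SimpleHash hash = new SimpleHash("MD5", "123456", "jiedada", 10);
        System.out.println(hash.toString());
    }
}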